Professor Helen Nissenbaum has made a career out of putting philosophy to work. In a CV replete with honors (and also filled with impressive grants), she has turned a doctorate in Philosophy from Stanford University into a career researching the privacy implications of the internet. She is currently professor of “Media, Culture, and Communication & Computer Science” at NYU. I heard her speak at the Fordham University Law School, where her talk focused on her latest book, Privacy in Context; Technology, Policy, and the Integrity of Social Life.
Nissenbaum said that she thought this would be the easiest book she’s ever written, because it was simply synthesizing many papers, but that in fact it was the hardest, and it took two years. In the book (and in her current work) she is building an analytical framework that would identify the aspect of an online transaction or interaction that causes social anxiety.
The miracle of the internet is about the rapid dissemination of information. This has delivered powerful economic benefits, and it has delivered freedom.
The internet has also enabled massive data repositories that have caused concern. Nissenbaum mentioned Choicepoint and you can see the concerns of the Electronic Privacy Information Center here. Nissenbaum also mentioned the Total Information Awareness (TIA) program of the federal government. Of TIA, EPIC wrote, “TSA has failed to meet its legal obligations for openness and transparency under the Freedom of Information Act and has violated the spirit of the Privacy Act for the protection of privacy rights.”
Getting the terms right
Nissenbaum said that when we talk about privacy, we need to reject the dichotomy between public and private. If all information is available on the internet, what matters is not whether it’s there, but the context in which it was posted to the internet.
Her prescriptions can be broad. In 2004, she wrote a paper on surveillance called Privacy as Contextual Integrity in which she argued that surveillance footage, for example, must be used within its security context but must not be exported outside it.
She wrote, “when violations of norms are widespread and systematic as in public surveillance, when strong incentives of self-interest are behind these violations, when the parties involved are of radically unequal power and wealth, then the violations take on political significance and call for political response.”
In her speech, Nissenbaum said that information transmission is critical to society. In the paper, she noted that many surveillance activities today could violate any law that attempted to codify our social norms and expectations of privacy. In her talk, she noted that any overly broad law would have a serious negative effect on society and on the benefits that the internet has brought to the economies and societies of the world.
In a conversation, she noted, we control the transmission of information. We talk to a specific person. In the context, we understand how our friend will use the information. In another context, such as in a therapy session, one person talks and the other listens and the conversation remains confidential.
“Privacy issues arise when everyone instead of a specific person receives the information,” Nissenbaum said.
Nissenbaum said that laws already understand that privacy issues invole one actor transmitting information and another receiving and then using that information. See, for example, section 6802 of the Gramm-Leach-Bliley act which begins:
Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer
The act recognizes the obligations of the recipient of private information (the financial institution) with regard to information received from an actor (the consumer).
The internet brings change
“The world is changing, upsetting entrenched norms,” Nissenbaum said. She said that the changes affect vested interests but they also effect core values. In order to evaluate privacy questions, we must consider the context.
For example, she noted that the results of HIV tests must remain private or those who are infected or might be infected will avoid health care.
She said that PACER has put all federal cases online but added that there is debate — good debate — occurring at the state level.
She said that data mining can be good. It can improve health care and education. But many people are not aware of the scale and scope of current data mining by businesses. She recommended a series of articles in the Wall Street Journal called What They Know About You. Of particular interest to readers: After sharp internal debate, Microsoft designed Internet Explorer so that users must turn on privacy settings every time IE starts.
If human beings become concerned about the privacy implications of online activity, Nissenbaum noted, they might stop shopping online, which would be bad.
A Fordham student noted that although she herself has opted out of Facebook, she still worries that her friends will post photos of her online.
The systems that Nissenbaum is developing that will be used to analyze the context of online transactions seem most useful for online venues where structured activity takes place. For example, as states analyze the privacy implications of online educational record systems, her schema will provide a valuable framework.
But in areas of the internet that more closely resemble an actual conversation, it seems unlikely that any schema can list all of the layers of meaning and context that surround an actual conversation between friends.
Nissenbaum’s talk shows that while governments can solve many of their privacy issues, social networks face greater challenges. This was timely: after visiting Fordham Law School, I went to a meeting of the New York Linux User’s Group (NYLUG) where the open source Diaspora social networking project would present (see Diaspora at NYLUG).